orcs-oss/orcs-code
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: disable cache_control injection for third-party providers (#276)

Browse Source 
getPromptCachingEnabled() returned true for all providers including
Azure Foundry, OpenAI, Gemini, and GitHub. This caused cache_control
blocks to be injected into every request sent to 3P endpoints.

Azure Foundry's strict Responsible AI content filter treats unexpected
Anthropic-specific fields (cache_control: { type: "ephemeral" }) as
a jailbreak signal and rejects the request with a 400 error — even
for a simple prompt like "hi".

Fix: return false early when provider is not firstParty, bedrock, or
vertex — the only providers that understand and support prompt caching.

Fixes #273
Related: #267 (Finding 1)

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
KRATOS
2026-04-03 20:23:14 +05:30
committed by GitHub
parent 931ee96f5a
commit 8ce09ae743
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/services/api/claude.ts
View File

@@ -331,6 +331,14 @@ export function getExtraBodyParams(betaHeaders?: string[]): JsonObject {
}
export function getPromptCachingEnabled(model: string): boolean {
// Prompt caching is an Anthropic-specific feature. Third-party providers
// do not understand cache_control blocks and strict backends (e.g. Azure
// Foundry) reject or flag requests that contain them.
const provider = getAPIProvider()
if (provider !== 'firstParty' && provider !== 'bedrock' && provider !== 'vertex') {
return false
}
// Global disable takes precedence
if (isEnvTruthy(process.env.DISABLE_PROMPT_CACHING)) return false